Old 06-15-2003, 02:08 PM
DWHS.net
Anyone know how to debug this intrusion.

Hello,

On a test server we managed to get it attacked and hacked with felonious information.

We now are going to try to debug it without re-installing Red Hat.

Any ideas on how to dig out the trojan horse or whatever the hacker did in this folder?

The logs were re-directed to /dev/null so there is no record of what was done.

Maybe a good tool that can find a trojan and debug it?

Here is the hack from user rpm:

IMPORTANT: Do not ignore this email.
This message is to inform you that the rpm
package fileutils did not match the expected checksum. This could mean that
your system was compromised (OwN3D). The offending files have been removed
and replaced with the OS default. To be safe you should verify that your
system has not be compromised.

Modified Files:
..5..... /usr/bin/vdir

We are new to trojan debugging and will post any useful information if it arises. This is experimental so any suggestions are welcome.

Thanks,

__________________
DWHS Inc. - dwhs.net
Web Hosting | Business Favs | Web Hosting Times
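
Added example (not part of the original post, and not rpm's or cPanel's own code): the `..5.....` line in the quoted mail is an `rpm -V` verification result, and this sketch decodes such lines and ranks them for triage. The severity tiers and every sample line except the first are assumptions made for illustration.

```python
import re

# Columns of an `rpm -V` result, in order. The mail above shows the older
# 8-column form; current rpm appends a 9th column, P (capabilities).
COLUMNS = "SM5DLUGTP"
NAMES = ["size", "mode", "digest", "device", "symlink target",
         "owner", "group", "mtime", "capabilities"]
LINE = re.compile(r"^([SM5DLUGTP.?]{8,9})\s+(?:([cdglr])\s+)?(/.*)$")
MISSING = re.compile(r"^missing\s+(?:([cdglr])\s+)?(/.*)$")

# Constructed sample; only the first line is taken from the post.
SAMPLE = """\
..5..... /usr/bin/vdir
S.5....T c /etc/ssh/sshd_config
.M...... /bin/login
missing   /usr/bin/top
.......T /usr/share/doc/README
"""

def parse_line(line):
    m = MISSING.match(line)
    if m:
        return {"path": m[2], "attr": m[1], "changed": ["missing"], "unverified": []}
    m = LINE.match(line)
    if not m:
        return None  # not an rpm -V result line
    flags = m[1]
    # A letter means the attribute differs; "?" means rpm could not test it.
    changed = [NAMES[i] for i, c in enumerate(flags) if c == COLUMNS[i]]
    unverified = [NAMES[i] for i, c in enumerate(flags) if c == "?"]
    return {"path": m[3], "attr": m[2], "changed": changed, "unverified": unverified}

def severity(rec):
    touched = set(rec["changed"]) | set(rec["unverified"])
    if rec["attr"] == "c":
        return "review"  # config files are edited legitimately; diff by hand
    if touched & {"digest", "size", "symlink target", "missing"}:
        return "high"    # file content is not what the package shipped
    if touched & {"mode", "owner", "group", "capabilities", "device"}:
        return "medium"  # permissions or ownership changed
    return "low"         # e.g. mtime only

def triage(text):
    recs = [dict(r, severity=severity(r)) for r in map(parse_line, text.splitlines()) if r]
    return sorted(recs, key=lambda r: ("high", "medium", "review", "low").index(r["severity"]))

if __name__ == "__main__":
    for r in triage(SAMPLE):
        print(f'{r["severity"]:6} {r["path"]}  {", ".join(r["changed"] + r["unverified"])}')
```

On a host that may be compromised, the installed `rpm` binary and its database are themselves untrusted, so the output fed to this is best captured while booted from known-good media with the suspect filesystem mounted (for example `rpm -Va --root /mnt/sysimage`, where the mount point is an assumption).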